<!---cleans the form fields of hack attempts--->
<cfinvoke component="cfcs.common.cleaner" method="cleanforminput" fields="#form#" returnvariable="cleanfields" /> 
<cfloop collection="#cleanfields#" item="var">
    <cfset "form.#var#" = #evaluate('cleanfields.' & var)#>
    <cfset "#var#" = #evaluate('cleanfields.' & var)#>
</cfloop>

<cfquery name = "qryCheckEmail" datasource="#request.dsn#">
SELECT * FROM core_accounts
WHERE email = <cfqueryparam value="#form.email#" cfsqltype="cf_sql_varchar">
</cfquery>

<cfset errormsg = "">
<cfset waserror = 0>

<cfset new_persurl = replace(form.personalurl, " ", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "-", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "*", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "/", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "\", "", "ALL")>
<cfset new_persurl = replace(new_persurl, ",", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "'", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "&", "and", "ALL")>
<cfset new_persurl = replace(new_persurl, "!", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "(", "", "ALL")>
<cfset new_persurl = replace(new_persurl, ")", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "+", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "=", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "##", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "$", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "%", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "^", "", "ALL")>
<cfset new_persurl = replace(new_persurl, "@", "", "ALL")>

<cfif qryCheckEmail.recordcount GT 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#The email address you used was already used to create an account.">
</cfif>

<cfset strCaptcha = Decrypt(form.captcha_check, request.seedstring, "CFMX_COMPAT","HEX") />

<cfif NOT strCaptcha IS form.vcode>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#The characters you entered for the verification image were incorrect.  This website does not permit the usage of bots to signup affiliates.">
</cfif>

<cfquery name = "qDuplicate" datasource="#request.dsn#">
SELECT * FROM afl_affiliates
WHERE personalurl = '#new_persurl#'
</cfquery>

<cfif qDuplicate.recordcount GT 0>
	<cfset waserror = 1>
    <cfset errormsg = "The Personal URL you chose is already taken.  Please change it to something else.<br>">
</cfif>

<cfif len(trim(form.personalurl)) LT 3>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#Please make your Personal URL at least 3 characters.<br>">
</cfif>

<cfif len(trim(form.firstname)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A first name is required.<br>">
</cfif>

<cfif len(trim(form.lastname)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A last name is required.<br>">
</cfif>

<cfif len(trim(form.email)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A first name is required.<br>">
</cfif>

<cfif len(trim(form.address1)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A mailing address is required.<br>">
</cfif>

<cfif len(trim(form.city)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A city is required.<br>">
</cfif>

<cfif len(trim(form.zip)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#A zip code is required.<br>">
</cfif>

<cfif len(trim(form.password)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#Please enter a password.<br>">
</cfif>

<cfif len(trim(form.personalurl)) IS 0>
	<cfset waserror = 1>
    <cfset errormsg = "#errormsg#Please choose a personal URL.<br>">
</cfif>

<cfif waserror IS 1>
	<cfinclude template = "../frm/join.cfm">
<cfelse>
    
    <cfset signupdate = now()>
    <!---create a new account and then log them in--->
    
    <cfinclude template = "insertaffiliate.cfm">
    
    <cfset enc_password = #encrypt(form.password, request.seedstring)#>
    <cfset enc_password = #replace(enc_password, "\", "\\", "ALL")#>
    
    <!---insert system user account--->    
    <cfquery name = "qryInsertNewuser" datasource="#request.dsn#">
    INSERT INTO core_accounts
    (id, username, pword, userlevel, firstname, lastname, companyname, address, address2, city, state, zip, country, email, timezone_offset, affid, account_type, vstring, joinedon, fullname)
    VALUES
    (#newaffiliateid#, '#form.personalurl#', '#enc_password#', 'User', '#form.firstname#', '#form.lastname#', '#form.company#', '#form.address1#', '#form.address2#', '#form.city#', '#form.state#', 
    '#form.zip#', '#form.scountry#', '#form.email#', '5,1', '#newaffiliateid#', 'free', '#vstring#', #createodbcdatetime(signupdate)#, '#form.firstname# #form.lastname#')
    </cfquery>

	<cfquery name="qinsert" datasource="#request.dsn#">
    INSERT INTO contacts_settings
    (rid)
    VALUES
    (#newaffiliateid#)
    </cfquery>

	<cftransaction>
    <cfquery name = "qInsertContactInfo" datasource="#request.dsn#">
    INSERT INTO contacts_leads
    (DateAdded,Company, FirstName, LastName, Address, Address2, City, State, Zip, Country, Email, cuserid, confirmed, fullname)
    VALUES
    (#createodbcdatetime(signupdate)#, '#form.company#', '#form.firstname#', '#form.lastname#', '#form.address1#', '#form.address2#', '#form.city#', '#form.state#', '#form.zip#', '#form.scountry#', '#form.email#', #newaffiliateid#, 1, '#form.firstname# #form.lastname#')
    </cfquery>

    <cfquery name = "qID" datasource="#request.dsn#">
        SELECT LAST_INSERT_ID() AS newID
    </cfquery>
	</cftransaction>

    <cfsavecontent variable="mail_subj">
        <cfinclude template = "/messages/#request.lang#/confirmemail_subject.cfm">
    </cfsavecontent>
    
    <cfsavecontent variable="mail_body">
        <cfinclude template = "/messages/#request.lang#/confirmemail_body.cfm">
    </cfsavecontent>
    
    <cfset the_link = "#request.mainurl#index.cfm?m=join&a=verifyaccount&vstring=#vstring#">
    
    <cfset mail_body = replacenocase(mail_body, "{link}", the_link, "ALL")>
    <cfset mail_body = replacenocase(mail_body, "{homeurl}", request.homeurl, "ALL")>
    <cfset mail_body = replacenocase(mail_body, "{vstring}", vstring, "ALL")>
    <cfset mail_body = replacenocase(mail_body, "{email}", form.email, "ALL")>
    <cfset mail_body = replacenocase(mail_body, "{password}", form.password, "ALL")>    
    
    <!---send out confirmation email--->
    <cfmail from="#request.noreply#" to="#form.email#" subject="#mail_subj#">
    #mail_body#
    </cfmail>
    
    <cflocation url = "index.cfm?m=join&a=welcome">    
</cfif>


